package com.words.service;

import com.words.dao.*;
import com.words.entity.*;
import com.words.entity.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;

import java.util.ArrayList;
import java.util.List;

@Service("userDetailsService")
public class SecurityUserService implements UserDetailsService {
    @Autowired
    //用户类数据库操作
    private UserDao userDao;

    @Autowired
    //角色类数据库操作
    private RoleDao roleDao;

    @Autowired
    //用户_角色类数据库操作
    private User_RoleDao user_role_Dao;

    @Autowired
    //角色_权限类数据库操作
    private Role_AuthorityDao role_authorityDao;

    @Autowired
    //权限类数据库操作
    private AuthorityDao authorityDao;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {


        System.out.println(username + "正在登录");
        // 从数据库中取出用户信息
        User user = userDao.queryByUsername(username);

        // 判断用户是否存在
        if (user == null) {
            throw new UsernameNotFoundException("用户名不存在或密码不正确");
        }

        List<GrantedAuthority> authorities = getUserAuthority(user.getId());
        // 返回UserDetails实现类
        UserDetails user1 = new org.springframework.security.core.userdetails.User
                (username, user.getPassword(), authorities);

        //该用户拥有的角色和权限
        System.out.print(username + "登录成功!拥有角色和权限为：");
        int n = 1;

        for (GrantedAuthority authority : authorities) {
            System.out.print(authority.getAuthority().toString() + " ");
        }
        System.out.println("");
        return user1;
    }

    //通过用户id查找权限
    public List<GrantedAuthority> getUserAuthority(int userid) {
        //用户所拥有的权限
        ArrayList<GrantedAuthority> authorities = new ArrayList<>();
        //查询用户所拥有的 用户-角色表
        List<SysUserRole> user_rolelist = user_role_Dao.listByUserId(userid);
        //查询用户所拥有的 角色
        ArrayList<Role> rolelist = new ArrayList<>();
        for (SysUserRole user_role : user_rolelist) {
            rolelist.add(roleDao.selectById(user_role.getRoleId()));
        }

        for (Role role : rolelist) {

            //给用户添加角色权限
            authorities.add(new SimpleGrantedAuthority(role.getName()));
            //该角色对应的 角色-URL表
            List<SysRoleAuthority> role_authlist = role_authorityDao.queryByRoleid(role.getId());
            //用户所拥有的URL权限
            ArrayList<SysAuthority> authlist = new ArrayList<>();
            for (SysRoleAuthority role_auth : role_authlist) {
                authlist.add(authorityDao.queryById(role_auth.getAuth_id()));
            }
            //将URL关键字添加到用户权限
            for (SysAuthority auth : authlist) {
                authorities.add(new SimpleGrantedAuthority(auth.getAuth_keyword()));
            }
        }
        return authorities;
    }

    //通过用户姓名查找权限
    public List<GrantedAuthority> getUserAuthority(String username) {
        User user = userDao.queryByUsername(username);

        // 判断用户是否存在
        if (user == null) {
            throw new UsernameNotFoundException("用户名不存在或密码不正确");
        }
        //用户所拥有的权限
        ArrayList<GrantedAuthority> authorities = new ArrayList<>();
        //查询用户所拥有的 用户-角色表
        List<SysUserRole> user_rolelist = user_role_Dao.listByUserId(user.getId());
        //查询用户所拥有的 角色
        ArrayList<Role> rolelist = new ArrayList<>();
        for (SysUserRole user_role : user_rolelist) {
            rolelist.add(roleDao.selectById(user_role.getRoleId()));
        }

        for (Role role : rolelist) {

            //给用户添加角色权限
            authorities.add(new SimpleGrantedAuthority(role.getName()));
            //该角色对应的 角色-URL表
            List<SysRoleAuthority> role_authlist = role_authorityDao.queryByRoleid(role.getId());
            //用户所拥有的URL权限
            ArrayList<SysAuthority> authlist = new ArrayList<>();
            for (SysRoleAuthority role_auth : role_authlist) {
                authlist.add(authorityDao.queryById(role_auth.getAuth_id()));
            }
            //将URL关键字添加到用户权限
            for (SysAuthority auth : authlist) {
                authorities.add(new SimpleGrantedAuthority(auth.getAuth_keyword()));
            }
        }
        return authorities;
    }
}

